Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode that can result in allows admins to execute any PHP file in the filesystem. This attack appear to be expl...

In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA...

Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5.

ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerability in the redirect parameter at /admin/login. This vulnerability allows attackers to redirect users to an arbitrary website via...

openwhyd is vulnerable to URL Redirection to Untrusted Site

A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows attackers to redirect users to malicious sites via a crafted URL.